CVE-2025-55151

Name of the Vulnerable Software and Affected Versions: Stirling-PDF versions prior to 1.1.0

Description: Stirling-PDF is a locally hosted web application used for PDF file operations. The “convert file to pdf” functionality, accessible via the /api/v1/convert/file/pdf API endpoint, is susceptible to Server-Side Request Forgery (SSRF) during the file conversion process. This occurs because the application utilizes LibreOffice’s unoconvert tool for conversion.

Recommendations: Upgrade to version 1.1.0 or later.